package com.system.shiro.web;
import javax.servlet.http.HttpServletRequest;  
import org.apache.shiro.SecurityUtils;  
import org.apache.shiro.authc.AuthenticationException;  
import org.apache.shiro.authc.UsernamePasswordToken; 
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

import com.system.common.util.ExtAjaxResponse;  
@Controller  
public class ShiroAction { 

	@RequestMapping("/index")  
    public String index(HttpServletRequest request){  
		return "index";
	}
	@RequestMapping("/login")  
    public String login(HttpServletRequest request){  
		return "login";
	}
    @RequestMapping("/loginin")  
    public String doLogin(HttpServletRequest request){  
         //当前Subject  
         Subject currentUser = SecurityUtils.getSubject(); 
         //加密（md5+盐），返回一个32位的字符串小写  
//         String salt="("+request.getParameter("username")+")";    
//         String md5Pwd=new Md5Hash(request.getParameter("password"),salt).toString();  
         //传递token给shiro的realm  
         UsernamePasswordToken token = new UsernamePasswordToken(request.getParameter("username"),request.getParameter("password"));    
         try {    
        	 token.setRememberMe(true);
             currentUser.login(token);
         } catch (AuthenticationException e) {//登录失败    
        	 return "redirect:/login";
         }   
            return "redirect:/index";
    }  
    @RequestMapping("/logout")  
    public @ResponseBody ExtAjaxResponse logout(HttpServletRequest request){  
        SecurityUtils.getSubject().logout();  
        System.out.println("1");
        return new ExtAjaxResponse(true,"成功");  
    } 
}  
